Re: msync() bug - Andrew Morton

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Andrew Morton <andrewm@uow.edu.au>
To: Andrea Arcangeli <andrea@suse.de>
Cc: Abraham vd Merwe <abraham@2d3d.co.za>,
	Linux Kernel Development <linux-kernel@vger.kernel.org>,
	Linus Torvalds <torvalds@transmeta.com>
Subject: Re: msync() bug
Date: Tue, 10 Jul 2001 00:43:12 +1000	[thread overview]
Message-ID: <3B49C300.185DFCA4@uow.edu.au> (raw)
In-Reply-To: <20010709105044.A29658@crystal.2d3d.co.za> <3B49A44B.F5E3C6A7@uow.edu.au>, <3B49A44B.F5E3C6A7@uow.edu.au>; from andrewm@uow.edu.au on Mon, Jul 09, 2001 at 10:32:11PM +1000 <20010709162131.F1594@athlon.random>

Andrea Arcangeli wrote:
> 
> Wrong fix, `page' is just garbage if some non memory was mapped in
> userspace (like framebuffers or similar mmio regions were mapped etc..).

Now we're getting somewhere.  Thanks.  Tell me if this is right:
 

> if (VALID_PAGE(page)

If the physical address of the page is somewhere inside our
working RAM.

> !PageReserved(page)

And it's not a reserved page (discontigmem?)

> ptep_test_and_clear_dirty(ptep))

And if it was modified via this mapping

> +                       flush_tlb_page(vma, address);
> +                       set_page_dirty(page);

Question:  What happens if a program mmap's a part of /dev/mem
which passes all of these tests?   Couldn't it then pick some
arbitrary member of mem_map[] which may or may not have
a non-zero ->mapping?

next prev parent reply	other threads:[~2001-07-09 14:44 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-07-09  8:50 msync() bug Abraham vd Merwe
2001-07-09 12:32 ` Andrew Morton
2001-07-09 14:21   ` Andrea Arcangeli
2001-07-09 14:43     ` Andrew Morton [this message]
2001-07-09 15:08       ` Andrea Arcangeli
2001-07-09 17:37         ` Hugh Dickins
2001-07-09 17:42           ` Linus Torvalds
2001-07-09 17:58             ` Hugh Dickins
2001-07-09 18:00               ` Linus Torvalds
2001-07-10 13:25         ` Chris Wedgwood
2001-07-10 14:03           ` Andrew Morton
2001-07-10 14:15             ` Andrea Arcangeli

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3B49C300.185DFCA4@uow.edu.au \
    --to=andrewm@uow.edu.au \
    --cc=abraham@2d3d.co.za \
    --cc=andrea@suse.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=torvalds@transmeta.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox